penetrationtesg , 27

Archive

Statistics

Certified Ethical Hacker (ECH) – ECH is an internationally recognized and sought after program which will bring into the world of Information Security. If you chose to pursue this course, you will learn about the 19 most current security domains. Upon completion of this certification, you will not only have a qualification that is recognized globally but also all the tools you need to become an Ethical Hacker. penetration testing

About ECHIn my personal opinion, as a current web engineer who has been in the industry for quite a while, this qualification is one of the most famous courses in the industry. CEH is designed to provide comprehensive ethical hacking and network security training to meet industry standards. The program is designed by experts in the industry, who are eternally putting their efforts into ensuring that the course content is designed in such a manner, that you will be on top the game. IT Security Training in Singapore

What you will learn during the programThe program includes 20 modules, starting with an introduction to ethical hacking, down to 19 more specific modules designed to keep you alert against all possible scenarios you may face in the industry. The program is credited, with not training ethical hackers to be ad-hoc solution providers, but to follow a structured methodology.

The list of modules are as follows:1. Introduction to ethical hacking: Here, you will talk about the overview of information security to more detailed topics like information security threats and security attack vectors. You will also learn about types of attacks that you may see in the field and phases of hacking. In addition, you will also find out about the ethics in the ethical hacking arena and other hacking related concepts like hacktivism.

2. Footprinting and reconnaissance: footprinting is the most traditional way in which hackers gather information about computer systems and the companies that they belong to. In this module, you will learn about some exciting new topics like footprinting methodology, website footprinting and most importantly footprinting countermeasures. You will also be trained to use some footprinting tools like Maltego, Domain Name Analyzer Pro, Web Data Extractor and more.

3. Scanning Networks: As the name suggests, scanning networks refers to finding out who is currently on your network. You will not only learn about the CEH Scanning Methodology but will also be trained to use a variety of state of the art tools to do so. Scanning networks in an essential part of Ethical Hacking, as it tells you who is one your network and what they are doing. Learning about these in detail will ensure that in the field, you will remain in control.

4. Enumeration: Enumeration is the process of collecting information about hosts on your network. The information collected includes usernames, machine names, network resources and services… During your course of study, you will learn everything you need to know about Enumeration, starting from what it is along with various tools and techniques that you can use to perform Enumeration.

5. System Hacking: Starting from what System hacking is, the techniques of system hacking along with the CEH Hacking Methodology is where you will start your module. Down the line, you will come to understand that this is one of the most interesting modules, including stealing passwords USB Drives, Key loggers, Desktop spyware, internet and email spyware and also, how to combat all of these. Remember, the idea, is protect information, not hack it. Along with all of this, the program will also teach you how to cover your tracks. What could be more exciting?

6. Trojans and Backdoors: The story of Trojans date back to Trojan war, where the Greeks wages war against Troy. The principle, is that a large horse was gifted to troy, with soldiers hidden within, to infiltrate Troy from within. The same principle applies to computer trojans as well. A trojan is designed to act as something else on your computer. Often times a useful software of some kind, which appears harmless, is actually a trojan. A backdoor on the other hand, as the name suggests, grants unauthorized access to a user, while bypassing the usual login procedure. Both of these are tools used back by hackers to gain unauthorized access into systems. CEH will teach you how these work and also how to combat them. In the field, these tools will turn into your best friends.

7. Viruses and Worms – In everyday terms, a virus is a small program designed to damage your data. A worm on the other hand, much like a real living worm, replicates itself, fills up your hard drives and slows down the system. During your course of study you will learn about the types of Virus and other malware, and how to use various applications to combat these. Additionally, you will also learn how to prevent these kind of problems occurring, because prevention is always better than cure.

8. Sniffers: Ever wonder how data is sent over wires? Well, the concept of it is fairly simple. Data, as you see on your computer screens, whether image, character or video is in reality a bunch of one’s and zero’s. These individual bits (either a 1 or a 0) are put together, to make a packet, which is eventually transferred along a wire as a current. During this lesson, you will learn all about how data is sent over a network, and also how these packets can be stolen to retrieve information. You will learn about the technology works and also how to avoid it happening to your data.

9. Social Engineering: social engineering refers to “tricking” or ‘psychological manipulation’ to steal information. Identity theft, phishing and pop-ups are some things you’ll learn about during the program. In addition, as always, you will learn how to both use and combat these techniques. Most of these are things we encounter on a day-to-day level, which makes this knowledge all the most useful. And of course, even in the industry, hackers may exploit these techniques to their advantage, to gain information, which can be avoided with the use of proper corrective measures and precautionary actions.

10. Denial of Service: All servers have a bandwidth; a number of requests that can be handled per second or per minute. This obviously changes from server to server, but in general, the idea is that requests of up to this amount can be made in a given span of time. Exceeding this limit can result in server malfunctions. Now what a DOS or Denial of Service attack is, a person sending more requests to a server than it can handle in a given time, which results in servers malfunctioning. These DOS attacks are often used by groups of hackers, to cause problems to servers and bring down sites. As a Information Security personnel, it is vital that you understand how these DOS attacks work and how to avoid them from creating damage to your servers. You’ll learn everything from symptoms of a DOS attack to the counter-measures that you can use to ensure that they don’t affect your computer.

11. Session Hijacking: Sessions are widely used by almost all websites to recognize a user. Various users are given different levels of access into a system, and the session allows the web site to identify who the user is and what level of access must be granted. Hackers use a technique named as session hijacking to recreate sessions, so that they can use the system as someone else. Needless to say, this counts for unauthorized access and allows a user to use a system as someone else. As an ethical hacker, you will be trained to complete this task and also what steps can be taken to avoid these kinds of problems will be taught.

12. Hacking Web Servers: Web servers are simply servers that host web sites. Hacking a web server is exceptionally large problem, because what a hacker could be published may be viewed by anyone around the world. If someone owns a large organization with a good reputation, their reputation could be at stake, if proper information security solutions have not been adapted. As an ethical hacker, this may be one of the responsibilities given to you; to avoid problems of this sort coming into play. CEH will teach you everything you need to know from the introduction all the way to hacking web servers to securing web servers.

13. Hacking Web Applications: With the added bonus, of web applications being ubiquitous; accessible, anywhere at any time, many organizations opt to move into a web based system. However, after all of an organizations information is on the internet, it may not be uncommon for rival organizations to want to their hands on such data. Hackers are often deployed to gather or else destroy data of such companies. During CEH, you learn to identify loopholes in web applications and learn to exploit them. You will also learn how to fix these loopholes and make systems more secure and reliable.

14. SQL Injection: A fairly common technique used by hackers. To give a simple introduction, a hacker would enter a code into a text box on the page that would basically bypass the applications code and display all the information of your database. Commonly used to access a database, how can be used to change or delete your data as well. CEH not only teaches you all about the technology and tells you how to use it, but also equips you with a range of tools that will assist you in doing so.

15. Hacking Wireless Networks: the wireless era is here, often you walk into a cafe or a mall to find yourself glued to your phone using the free-Wi-Fi hotspots. Using a wide range of tools hackers can not only gain access to Wi-Fi hotspots (even if password secured) but also can use the network to find out what information is being sent over the network. CEH is designed to provide you with ample training in gaining access to Wi-Fi networks and also gaining access to data packets sent over the network. As always, you will be exposed to a variety of tools and techniques that you can use with this subject.

16. Hacking Mobile Platforms: Irrespective of whether it is Android, Windows, Blackberry or Apple, you will learn about how they work, their loopholes and their architecture. Once you have an understanding of how the platforms core functions, you will also begin to gain an understanding on what loopholes you can exploit. You will also be introduced a range of tools that you can use to find and exploit these loopholes of all the mobile platforms. From simple operations like jail breaking an Apple phone to understanding vulnerabilities of Windows, you will learn it all.

17. Evading IDS, Firewalls and Honeypots: Now that Information Security and Hacking are two words that are known in the business world, people are already taking precautionary measures against them. IDS stands for Intrusive Detection System. Needless to explain, the name explains it all. Firewalls too are designed to block unauthorized network into a network. Honeypots are traps, so to speak, designed to catch people that try to enter into the system with unauthorized access. All three of these are designed to identify and trap hackers. Needless to say, as a pro, you would need to learn how to evade these and successfully infiltrate a system. CEH is designed to give you the relevant knowledge, tools, techniques and training in doing so. In addition, while learning how to infiltrate a system and evade these tools, you will also learn how to further strengthen a system that you manage, so as to make your own system more secure.

18. Buffer Overflow: a buffer, is typically a temporary storage between and application and a permanent storage. A buffer overflow attack is when more data than the buffer can handle is passed into the system. These kinds of attacks are used to make the program crash or else carry out unexpected activities. During CEH you will learn everything from the simple concept of buffer overflow to using it to your advantage to exploit a system. Further, you will also be trained to use specialized tools to use and also countermeasures that can be taken to avoid these kinds of problems occurring to your own programs or programs that you manage.

19. Cryptography: This is the technique of ensuring that a message can only be read by intended participants. First developed during the world war, it was used for secure communication. Today, it is used to safely send messages across a network. During this module, you will learn about an assortments of algorithms used to convert messages from a readable format into a non-readable code. In addition, you will also learn about tools that can be used to break these converted texts back into their original readable format. You will also learn about how encryption and where it can be applied to.

20. Penetration Testing: Another key module in the program, penetration testing is designed, to find weaknesses of a system. The company or the owners of the system would allow an ethical hacker to infiltrate the system, purely with the intention of discovering what faults exist within the system; security wise. Upon completion of this test, the system owners would have an idea of what components need to be fixed. During CEH you will all about Penetration Tests and how to carry them out.

As you may have realized, the course is designed to first teach you how to break a system and then fix it. It allows you to go into the mindset of a hacker, to understand loopholes and vulnerabilities of a system. Then, you are trained to address these issues to enhance a system’s security to avoid problems from occurring.

CertificationThe Certified Ethical Hacker exam 312-50 may be taken on the last day of the training (optional). Students need to pass the online Prometric/VUE exam to receive CEH certification.

Duration for the programThe program is designed to take the course of 5 days. During these 5 days, you may enter the system as an amateur and emerge a pro-ethical hacker!

hacker course singapore

hacker-course-singapore

CyberQuote has experience and expertise in providing various IT solutions and services to the stock broking and insurance industry. CQ has notably played a major role in developing Singapore’s first online share trading platform, Phillip Online Electronic Mart Systems (POEMS). From there CQ has branched out its service to cyber security training / it security training, such as :